Published On Jul 15, 2023
In this video, we cover Lab #2 in the Authentication module of the Web Security Academy. This lab's two-factor authentication can be bypassed. You have already obtained a valid username and password, but do not have access to the user's 2FA verification code. To solve the lab, we access Carlos's account page.
Your credentials: wiener:peter
Victim's credentials carlos:montoya
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: https://academy.ranakhalil.com/p/web-...
▬ 📚 Contents of this video 📚 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:12 - Web Security Academy Course (https://bit.ly/30LWAtE)
01:23 - Navigation to the exercise
01:52 - Understand the exercise and make notes about what is required to solve it
02:35 - Exploit the lab
05:12 - Script the exploit in Python
12:45 - Summary
12:57 - Thank You
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Python script: https://github.com/rkhal101/Web-Secur...
Notes.txt document: https://github.com/rkhal101/Web-Secur...
Web Security Academy Lab Exercise: https://portswigger.net/web-security/...
Rana's Twitter account: / rana__khalil